<?php #//AJAX PHP PENNY AUCTION v.1.1

#///////////////////////////////////////////////////////////
#//  COPYRIGHT 2009 Aaron Helmlinger ALL RIGHTS RESERVED  //
#///////////////////////////////////////////////////////////


require('../includes/config.inc.php');
include "loggedin.inc.php"; 
include "../includes/countries.inc.php";


$auction_id = $_GET['auctionid'];

$high_bidder 	= $_GET['userid'];
  
$query99 = "select * from PHPAUCTIONXL_auctions
         WHERE id='$auction_id'";
$result = mysql_query($query99);
$num_auction = mysql_num_rows($result);

 $i = 0;
while($i < $num_auction) {
     $title 	= mysql_result($result,$i,"title");
  
$high_bid 	= mysql_result($result,$i,"current_bid");
   $shipping_fee 	= mysql_result($result,$i,"shipping_fee");
   $shipping_terms 	= mysql_result($result,$i,"shipping_terms");
   $retail 	= mysql_result($result,$i,"retail");
   $return_policy 	= mysql_result($result,$i,"return_policy");
   $ends 	= mysql_result($result,$i,"ends");
   
        $i++;
}
    $query99 = "select * from PHPAUCTIONXL_payments
         WHERE itemid='$auction_id' AND userid='$high_bidder' AND itemtype='BuyNow-Item-ID'";
$result = mysql_query($query99);
$num_auction = mysql_num_rows($result);

 $i = 0;
while($i < $num_auction) {
   
   $amount 	= mysql_result($result,$i,"amount");
  $ends = mysql_result($result,$i,"date");

//   $closed = mysql_result($result,$i,"closed"); 
   
   
$i++;
}











   
      $jsenddate = "";

$jsenddate .= substr ($ends, 4, 2);
$jsenddate .= "/";
$jsenddate .= substr ($ends, 6, 2);
$jsenddate .= "/";
$jsenddate .= substr ($ends, 0, 4);
$jsenddate .= " ";


     
if (substr ($ends, 8, 2) > 12) {
$jsenddate .= substr ($ends, 8, 2)-12;
$jsampm = "PM";
}
if (substr ($ends, 8, 2) != 00){
if (substr ($ends, 8, 2) < 12) {
$jsenddate .= substr ($ends, 8, 2);
$jsampm = "AM";
}}
if (substr ($ends, 8, 2) == 12) {
$jsenddate .= substr ($ends, 8, 2);
$jsampm = "PM";
}
if (substr ($ends, 8, 2) == 00) {
$jsenddate .= 12;
$jsampm = "AM";
}

$jsenddate .= ":";
$jsenddate .= substr ($ends, 10, 2);
$jsenddate .= ":";
$jsenddate .= substr ($ends, 12, 2);
$jsenddate .= " ";
$jsenddate .= $jsampm;

$closing_date = $jsenddate;

$TIME = mktime(date("H")+$SETTINGS['timecorrection'],date("i"),date("s"),date("m"), date("d"),date("Y"));

$NOW = date("YmdHis",$TIME);


   $jsenddate = "";

$jsenddate .= substr ($NOW, 4, 2);
$jsenddate .= "/";
$jsenddate .= substr ($NOW, 6, 2);
$jsenddate .= "/";
$jsenddate .= substr ($NOW, 0, 4);
$jsenddate .= " ";


     
if (substr ($NOW, 8, 2) > 12) {
$jsenddate .= substr ($NOW, 8, 2)-12;
$jsampm = "PM";
}
if (substr ($NOW, 8, 2) != 00){
if (substr ($NOW, 8, 2) < 12) {
$jsenddate .= substr ($NOW, 8, 2);
$jsampm = "AM";
}}
if (substr ($NOW, 8, 2) == 12) {
$jsenddate .= substr ($NOW, 8, 2);
$jsampm = "PM";
}
if (substr ($NOW, 8, 2) == 00) {
$jsenddate .= 12;
$jsampm = "AM";
}

$jsenddate .= ":";
$jsenddate .= substr ($NOW, 10, 2);
$jsenddate .= ":";
$jsenddate .= substr ($NOW, 12, 2);
$jsenddate .= " ";
$jsenddate .= $jsampm;

$shipped_date = $jsenddate;
   
   
  $query_tax1 = "select tax_rate_percentage from PHPAUCTIONXL_version_1_3 where id=1";
                             $query_tax2 =  mysql_query ($query_tax1);
                                $tax_rate_percentage1 = mysql_result($query_tax2,0,"tax_rate_percentage");     
   
//$currency_symbol
$price = $high_bid;
$shipping_fee2 = print_money_nosymbol($shipping_fee);
$taxprice = ( $price + $shipping_fee ) * $tax_rate_percentage1; 
$sales_tax_percentage = $tax_rate_percentage1 * 100;
$sales_tax_percentage .= "%"; 
$taxprice = print_money_nosymbol($taxprice);
$price2 = ( $price + $shipping_fee ) * ( 1 + $tax_rate_percentage1 );
$price3 = print_money_nosymbol($high_bid);
 $price4 = print_money_nosymbol($price2);



$prefix="../";
#//
$ERR = "";

#//
$query = "SELECT * FROM PHPAUCTIONXL_settings";
$res = @mysql_query($query);
if(!$res) {
	print "Error: $query<BR>".mysql_error();
	exit;
} elseif(mysql_num_rows($res) > 0) {
	$HOME_SETTINGS = mysql_fetch_array($res);
	$SETTINGS=array_merge($SETTINGS,$HOME_SETTINGS);
}
if(file_exists(realpath(phpa_uploaded()."settings.ini"))) {
	$INI_SETTINGS=parse_ini_file(realpath(phpa_uploaded()."settings.ini"));
	$SETTINGS=array_merge($SETTINGS,$INI_SETTINGS);
}

#//
if($_POST['action'] == "update")
{

           $closed_auctions1 = $_POST[closed_auctions];


              $query2="UPDATE PHPAUCTIONXL_version_1_3 SET closed_auctions='$closed_auctions1' WHERE id='1'";
       
mysql_query($query2); 

                 
                 
                 



  if($_FILES['logo']['tmp_name']){
	#// Handle logo upload
	$inf = GetImageSize ($_FILES['logo']['tmp_name']);
	if ( $inf[2]<1 || $inf[2]>3 ) {
		print $ERR_602;
		exit;
	}
        if ( filesize($_FILES['logo']['tmp_name']) > $_POST['MAX_FILE_SIZE'] ) 
        {
          print $ERR_603;
          exit;   
        }
	if(!empty($_FILES['logo']['tmp_name']) && $_FILES['logo']['tmp_name'] != "none") {
		//		$TARGET = $image_upload_path.$_FILES['logo']['name'];
		$TARGET = realpath(phpa_uploaded())."/".$_FILES['logo']['name'];
		@move_uploaded_file($_FILES['logo']['tmp_name'],$TARGET);
		chmod($TARGET,0666);
		$LOGOUPLOADED = TRUE;
	}
  }

	#// Handle logo upload
	if(!empty($_FILES['background']['tmp_name']) && $_FILES['background']['tmp_name'] != "none") {
		//		$TARGET = $image_upload_path.$_FILES['background']['name'];
		$TARGET = realpath(phpa_uploaded())."/".$_FILES['background']['name'];
		@move_uploaded_file($_FILES['background']['tmp_name'],$TARGET);
		chmod($TARGET,0666);
		$BACKUPLOADED = TRUE;
	}

	$query = " UPDATE PHPAUCTIONXL_settings SET
				   loginbox=".$_POST['loginbox'].",
				   newsbox=".$_POST['newsbox'].",
				   newstoshow=".$_POST['newstoshow'].",";
	$INI_SETTINGS[loginbox]=$_POST['loginbox'];
	$INI_SETTINGS[newsbox]=$_POST['newsbox'];
	$INI_SETTINGS[newstoshow]=$_POST['newstoshow'];
	if($LOGOUPLOADED) {
		$query .= "logo='".$_FILES['logo']['name']."', ";
		$INI_SETTINGS[logo]=$_FILES['logo']['name'];
	}
	if($BACKUPLOADED) {
		$query .= "background='".$_FILES['background']['name']."', ";
		$INI_SETTINGS[background]=$_FILES['background']['name'];
	}
	$query .= "brepeat='".$_POST['brepeat']."',
					featureditemsnumber=".intval($_POST['featureditemsnumber']).",
					featuredcolumns=".intval($_POST['featuredcolumns']).",
					lastitemsnumber=".intval($_POST['lastitemsnumber']).",
					catfeatureditemsnumber=".intval($_POST['catfeatureditemsnumber']).",
					catthumbnailswidth=".intval($_POST['catthumbnailswidth']).",
					higherbidsnumber=".intval($_POST['higherbidsnumber']).",
					endingsoonnumber=".intval($_POST['endingsoonnumber']).",
					thimbnailswidth=".intval($_POST['thimbnailswidth']).",
					pagewidth=".intval($_POST['pagewidth']).",
					pagewidthtype='".$_POST['pagewidthtype']."',
					alignment='".$_POST['alignment']."';";
          
          	
	$INI_SETTINGS[brepeat]=$_POST['brepeat'];
	$INI_SETTINGS[featureditemsnumber]=intval($_POST['featureditemsnumber']);
	$INI_SETTINGS[featuredcolumns]=intval($_POST['featuredcolumns']);
	$INI_SETTINGS[lastitemsnumber]=intval($_POST['lastitemsnumber']);
	$INI_SETTINGS[catfeatureditemsnumber]=intval($_POST['catfeatureditemsnumber']);
	$INI_SETTINGS[catthumbnailswidth]=intval($_POST['catthumbnailswidth']);
	$INI_SETTINGS[higherbidsnumber]=intval($_POST['higherbidsnumber']);
	$INI_SETTINGS[endingsoonnumber]=intval($_POST['endingsoonnumber']);
	$INI_SETTINGS[thimbnailswidth]=intval($_POST['thimbnailswidth']);
	$INI_SETTINGS[pagewidth]=intval($_POST['pagewidth']);
	$INI_SETTINGS[pagewidthtype]=$_POST['pagewidthtype'];
	$INI_SETTINGS[alignment]=$_POST['alignment'];
	$initxt="";
	foreach($INI_SETTINGS as $k=>$v)
	$initxt.="$k=$v\r\n";
	$fp=fopen(realpath(phpa_uploaded())."/"."settings.ini","w");
	fwrite($fp,$initxt);
	fclose($fp);
	$res_ = @mysql_query($query);
	if(!$res_) {
		print "Error: $query<BR>".mysql_error();
		exit;
	} else {
		$SETTINGS=array_merge($SETTINGS,$INI_SETTINGS);
		$ERR = $MSG_5019;
	}
}


$query_settings = "select * from PHPAUCTIONXL_version_1_3 where id='1'";
                             $query_settings2 =  mysql_query ($query_settings);
                                $closed_auctions2 = mysql_result($query_settings2,0,"closed_auctions");
            
        if ( empty($closed_auctions2)){    
              $query2="UPDATE PHPAUCTIONXL_version_1_3 SET closed_auctions='6' WHERE id='1'";
       
mysql_query($query2); 
          }         
          
          $query_settings = "select * from PHPAUCTIONXL_version_1_3 where id='1'";
                             $query_settings2 =  mysql_query ($query_settings);
                                $closed_auctions2 = mysql_result($query_settings2,0,"closed_auctions");
           
           
           
      
    $buyerquery = "select * from PHPAUCTIONXL_users where id='$high_bidder'";
    $buyerresult = mysql_query($buyerquery);


    $buyerusername = mysql_result($buyerresult,0,"name");
    $buyernick = mysql_result($buyerresult,0,"nick");
    $buyerpassword = mysql_result($buyerresult,0,"password");
    $buyeremail = mysql_result($buyerresult,0,"email");
    $buyeraddress = mysql_result($buyerresult,0,"address");
    $buyercity = mysql_result($buyerresult,0,"city");
    $buyerprov = mysql_result($buyerresult,0,"prov");
    $buyersuspended = mysql_result($buyerresult,0,"suspended");
    
    $buyercountry = mysql_result($buyerresult,0,"country");

   
    $buyerprov = mysql_result($buyerresult,0,"prov");
    $buyerzip = mysql_result($buyerresult,0,"zip");
    
    $buyerbirthdate = mysql_result($buyerresult,0,"birthdate");
    $buyerbirth_day = substr($buyerbirthdate,6,2);
    $buyerbirth_month = substr($buyerbirthdate,4,2);
    $buyerbirth_year = substr($buyerbirthdate,0,4);
    $buyerbirthdate = $buyerSETTINGS[datesformat] == "USA" ? "$buyerbirth_month/$buyerbirth_day/$buyerbirth_year" : "$buyerbirth_day/$buyerbirth_month/$buyerbirth_year";
    
    $buyerphone = mysql_result($buyerresult,0,"phone");


    $sellerquery = "select * from PHPAUCTIONXL_users where id=1 ";
    $sellerresult = mysql_query($sellerquery);


    $sellerusername = mysql_result($sellerresult,0,"name");
    $sellernick = mysql_result($sellerresult,0,"nick");
    $sellerpassword = mysql_result($sellerresult,0,"password");
    $selleremail = mysql_result($sellerresult,0,"email");
    $selleraddress = mysql_result($sellerresult,0,"address");
    $sellercity = mysql_result($sellerresult,0,"city");
    $sellerprov = mysql_result($sellerresult,0,"prov");
    $sellersuspended = mysql_result($sellerresult,0,"suspended");
    
    $sellercountry = mysql_result($sellerresult,0,"country");

   
    $sellerprov = mysql_result($sellerresult,0,"prov");
    $sellerzip = mysql_result($sellerresult,0,"zip");
    
    $sellerbirthdate = mysql_result($sellerresult,0,"birthdate");
    $sellerbirth_day = substr($sellerbirthdate,6,2);
    $sellerbirth_month = substr($sellerbirthdate,4,2);
    $sellerbirth_year = substr($sellerbirthdate,0,4);
    $sellerbirthdate = $sellerSETTINGS[datesformat] == "USA" ? "$sellerbirth_month/$sellerbirth_day/$sellerbirth_year" : "$sellerbirth_day/$sellerbirth_month/$sellerbirth_year";
    
    $sellerphone = mysql_result($sellerresult,0,"phone");
    
           
           
                                ?>
                                
<TABLE width=800 >                                
<TR valign=top>
<TD width=330>
                                
<img src="<?=phpa_uploaded().$SETTINGS['logo']?>">

</TD><TD width=220>
<font style="font-family: Tahoma, Geneva, Verdana, Arial, sans-serif;" ><?print $sellernick; ?> <BR>
<?print $selleraddress; ?><BR>
<?print $sellercity; ?>,
<?print $sellerprov; ?>

<?print " ".$sellerzip; ?><BR>
<?print $sellercountry; ?> <BR>
<?print $sellerphone; ?> </font>


</TD><TD><H1><CENTER>Buy Now<BR>Packing Slip</CENTER></h1>
</TD>
</TR>
</TABLE>

   <HR width=800 align=left>
  <BR><BR> 
<TABLE width=800  >                                
<TR valign=top>
<TD width=330>


<font style="font-family: Tahoma, Geneva, Verdana, Arial, sans-serif;" >
<B>Ship To:</B><BR>
<?print $buyerusername; ?> <BR>
<?print $buyeraddress; ?><BR>
<?print $buyercity; ?>,
<?print $buyerprov; ?>
<?print " ".$buyerzip; ?><BR>
<?print $buyercountry; ?> <BR>
<?print $buyerphone; ?> <BR>
<?print $buyeremail; ?> </font>
</TD><TD width=220>
<font style="font-family: Tahoma, Geneva, Verdana, Arial, sans-serif;" ><B>Shipping Date:</B><BR>

<?print $shipped_date; ?> </font>

</TD><TD>

<font style="font-family: Tahoma, Geneva, Verdana, Arial, sans-serif;" ><B>Shipping Method / Terms:</B><BR>

<?print  $shipping_terms; ?> </font>


</TD>
</TR>
</TABLE>
   <BR><BR> 
   <HR width=800 align=left>
  <BR><BR> 
<TABLE width=800  >                                
<TR valign=top>
<TD width=330>


<font style="font-family: Tahoma, Geneva, Verdana, Arial, sans-serif;" >
<B>Auction Item Shipped:</B><BR>
ID: <?print $auction_id; ?> - <?print $title; ?>
    </font>
</TD><TD width=220>
<font style="font-family: Tahoma, Geneva, Verdana, Arial, sans-serif;" >

<B>Closing Date:</B><BR>

<?print $closing_date; ?> </font>

</TD><TD>

<font style="font-family: Tahoma, Geneva, Verdana, Arial, sans-serif;" >


<B>Quantity Shipped:</B><BR>
1 Item
      </font>
</TD>
</TR>
</TABLE>
   <BR><BR> 
   <HR width=800 align=left>
  <BR><BR> 
<TABLE width=800 >                                
<TR valign=top>
<TD width=200>
  <font style="font-family: Tahoma, Geneva, Verdana, Arial, sans-serif;" >




</font></TD><TD width=200>

   <font style="font-family: Tahoma, Geneva, Verdana, Arial, sans-serif;" >


</font></TD><TD width=200>

      <font style="font-family: Tahoma, Geneva, Verdana, Arial, sans-serif;" >



         
         
         
         
</font></TD><TD width=200>

       <font style="font-family: Tahoma, Geneva, Verdana, Arial, sans-serif;" >


<B>Total:</B><BR>
    <?print $currency_symbol; print $amount; ?>
</font></TD></TR>
</TABLE>
          <BR><BR> 
   <HR width=800 align=left>
  <BR><BR> 
  
 <font style="font-family: Tahoma, Geneva, Verdana, Arial, sans-serif;" >


<B>Return Policy:</B><BR>
    <?print $return_policy; ?>
</font> 
